D/DoS mitigation hardware/software needed.

Christopher Morrow morrowc.lists at gmail.com
Mon Jan 11 01:05:17 CST 2010


On Mon, Jan 11, 2010 at 12:26 AM, jul <jul_bsd at yahoo.fr> wrote:
> Martin Hannigan wrote on 05/01/10 16:50:
>>> I see two possible solutions:
>>> - Netflow/sFlow/***Flow  feeding a BGP RTBH
>>> - Inline device
>>>
>>>
>>
>>      - Outsource to service provider
>
> I want to add some stuff on this as I didn't see them with a quick check
> on the thread.
> Local solution always have a limit as bandwith will be exhausted before
> goin into your solution/network.
>
> Outsourced services have higher cost than Arbor but can handled more.

Do they? VerizonBusiness's solution was $3250US/month so ~$90USk over
2yrs. Arbor, I think, for a TMS + collectors was +100k.

There are decent outsourced solutions, that move the problem out of
your network, scrub traffic as requested, give you the ability to send
traffic there on-demand (without calling the provider) and actually do
work. All at a cost that's more than reasonable if your business
depends upon the Internets.

-chris




More information about the NANOG mailing list